AI Application Security Engineer

AI Application Security Engineer ABOUT BRAIN CO. Brain Co. is an applied AI startup co-founded by Jared Kushner and Elad Gil, and backed by leading Silicon Valley builders including Patrick Collison and Andrej Karpathy. We are building AI applications for the world's most important institutions, delivering impact on real-world problems across governments, healthcare systems, and critical industries. Our progress so far: - Automated construction permitting for a sovereign government → 80% faster, unlocking $375M+ in value - Optimized supply chains for a leading global energy company → 30% lower cost, 99% reliability, preventing $100M+ in losses - Streamlined hospital patient care across national health systems → 40% better outcomes, 80% less admin work Company momentum: - Raised a $55M Series A from leading investors - Built a team of 70+ AI experts from Tesla, Google DeepMind, NVIDIA, and Databricks THE ROLE As our Security Engineer, Application & AI, you will own the security of our products and application layer — secure development practices, agent security, third-party integration security, and data protection for AI products operating in some of the world's most regulated and sensitive environments. This is a hands-on builder role. You will write code, ship security tooling, and work directly with product and ML engineers to build security in from the start rather than bolt it on after. You are expected to work AI-natively: using AI to write threat models, automate security review, scale code analysis, and build internal tooling. This is not a nice-to-have — it is how the role is designed to operate and how one person can have outsized impact across a fast-moving engineering organization. Brain Co.'s products are built on agentic infrastructure — AI that takes actions, calls tools, and operates inside complex institutional workflows. The degree varies by product, but the underlying security surface is consistent: how agents are authorized, what they can touch, and how that is controlled at the application layer. This role is specifically designed to address that surface, working alongside the Infrastructure Security Engineer who owns the platform layer underneath. WHAT YOU'LL WORK ON Application Security - Own secure development practices across our products: AuthN/AuthZ patterns, secrets management, input handling, and secure-by-default standards that engineers can follow without security becoming a bottleneck. - Integrate security into the development lifecycle — code review, CI/CD pipelines, and pre-deployment checks — catching risk before it reaches production. - Conduct threat modeling across product features and release cycles, translating risk into concrete controls that ship alongside each product. - Build and maintain security tooling and automated checks that scale your reach across the codebase — using AI to move faster and cover more ground than manual review alone could. Agent & Integration Security - Own the application-layer security model for Brain Co.'s agentic products — how agents are scoped, what they are authorized to do on behalf of users, and where trust boundaries sit between the agent and the external systems it touches. - Define secure patterns for how agents integrate with third-party systems and APIs: how credentials are stored and scoped, how responses are validated before being acted on, and how each product limits what agents can do with what they get back. - Work directly with product and ML engineers during feature development to define secure agent design patterns: tool scoping, permission boundaries, output validation, and safe handling of user context across multi-step workflows. - Build reusable secure-by-default patterns for agent development — design guidelines, review checklists, and code-level guardrails — so that security standards scale as new agent capabilities are built. - Produce security artifacts for agent features and product deployments: threat mode ... (truncated, view full listing at source)